<?php

$__FILEPATH__ = dirname(__FILE__)."/";

require_once($__FILEPATH__."../func_common.php");
require_once($__FILEPATH__."../class_def.php");
require_once($__FILEPATH__."../conf/info.php");
require_once("$fckeditorpath");

CheckAdminAndInitHeader();

$mysqli = GetMysqliInstance();
$PageArray = array();

if(isset($_POST["update"]))
{
	$username = $_POST["username"];
	$permission = $_POST["permission"];
	if($username != "admin")
	{
		$stmt = $mysqli->prepare("update userlist set permission = ? where username = ?");
		$stmt->bind_param("ss", $permission, $username);
		$stmt->execute();
		$stmt->close();
	}
}
else if(isset($_POST["delete"]))
{
	$username = $_POST["username"];
	if ($username!="admin")
	{
		$stmt = $mysqli->prepare("select imagesrc from userlist where username = ?");
		$stmt->bind_param("s", $username);
		$stmt->execute();
		$stmt->bind_result($src);
		if ($stmt->fetch())
		{
	   		$stmt2 = $mysqli->prepare("delete from userlist where username = ?");
			$stmt2->bind_param("s", $username);
			if ($stmt2->execute())
				unlink("../".$src);
			$stmt2->close();
		}
		$stmt->close();
	}
}

$PageArray["userlist"] = array();

if (isset($_POST["keyword"]) && $_POST["keyword"] != "")
{
	$keyword = $_POST["keyword"];
	$keywordstr = "%".$keyword."%";
	$stmt = $mysqli->prepare("select username,nickname,email,permission from userlist where username like ? or nickname like ? or email like ?");
	$stmt->bind_param("sss", $keywordstr, $keywordstr, $keywordstr);
	$stmt->execute();
	$stmt->bind_result($r_username, $r_nickname, $r_email,$r_permission);
	while($stmt->fetch())
	{
		$UserItem = new UserListItem();
		$UserItem->username 	= $r_username;
		$UserItem->nickname 	= $r_nickname;
		$UserItem->email 		= $r_email;
		$UserItem->permission 	= $r_permission;
		$PageArray["userlist"][] = $UserItem;
	}
	$stmt->close();
}
else 
{
	$result = $mysqli->query("select * from userlist limit 0,10", MYSQLI_USE_RESULT);
	if ($result)
	{
		while($row = $result->fetch_array(MYSQLI_ASSOC))
		{
			$UserItem = new UserListItem();
			$UserItem->username 	= $row["username"];
			$UserItem->nickname 	= $row["nickname"];
			$UserItem->email 		= $row["email"];
			$UserItem->permission 	= $row["permission"];
			$PageArray["userlist"][] = $UserItem;
		}
	}
}




?>